Likelihood to Recommend Splunk Enterprise Security 2025

Name: Which Threat Intelligence is best for you? Mandiant, Cisco SecureX, Splunk, Crowdstrike Falcon
Uploaded: 2022-10-21T16:23:11.000Z
Duration: 6 min 8 s
Description: Threat intelligence capabilities can be found in a variety of products. In this video, the TrustRadius team goes over 4 leading products in the space, including Splunk Enterprise Security (ES).

Overview

What is Splunk Enterprise Security?

Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale.

Splunk ES Alert Reduction

Rating: 10 out of 10

August 29, 2024

IncentivizedVetted ReviewVerified User

Our analysts use ES to gain a broad perspective on all the security events coming in from our customer devices. We have multiple internal customers with different environments...

Verified user

Engineer

3 years of experience

The Power of Splunk Enterprise.

Rating: 9 out of 10

March 25, 2024

IncentivizedVetted ReviewVerified User

We use Splunk Enterprise in our Organization to achieve the following. Consolidate logs from all sources in one place. Create Custom Correlation alerts to paint the bigger pic...

Verified user

Engineer

4 years of experience

Splunk Enterprise Security: My Review

Rating: 9 out of 10

October 24, 2023

IncentivizedVetted ReviewVerified User

It's easy to build queries & integrate with other systems and applications. There are a lot of add ons you can integrate to Splunk that can save you a lot of time. Correla...

Yash Dabhi

Engineer - Information Technology

Software Engineer

Maruti Techlabs

2 years of experience

Splunk ES Review

Rating: 7 out of 10

September 12, 2023

IncentivizedVetted ReviewVerified User

I was evaluating Splunk for a potential client. Splunk is a great tool for anyone that needs a SIEM to monitor data, networks, users, etc. The customization of the Dashboard i...

Sam Babbitt

Manager - Information Technology

System/Network Administrator

Babbitt Access Computers

1 year of experience

Splunk Enterprise Security is a must!

Rating: 9 out of 10

July 24, 2023

IncentivizedVetted ReviewVerified User

I am a security analyst and so I use it on a day to day basis to triage and troubleshoot alerts and security incidents in my organization. We have several dozen data sources g...

Joe Contreras

Analyst - Information Technology

Senior Security Specialist

San Manuel Casino

2 years of experience

Awards

Products that are considered exceptional by their customers based on a variety of criteria win TrustRadius awards. Learn more about the types of TrustRadius awards to make the best purchase decision. More about TrustRadius Awards

Return to navigation

Pricing

View all pricing

Splunk Enterprise Security

N/A

Unavailable

What is Splunk Enterprise Security?

Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale.

Entry-level set up fee?

No setup fee

For the latest information on pricing, visithttps://www.splunk.com/en_us/products/p…

Offerings

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services

Would you like us to let the vendor know that you want pricing?

76 people also want pricing

Alternatives Pricing

Microsoft Sentinel

$2.46

per GB ingested

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Return to navigation

Features

Security Information and Event Management (SIEM)

Security Information and Event Management is a category of security software that allows security analysts to look at a more comprehensive view of security logs and events than would be possible by looking at the log files of individual, point security tools

8.4

Avg 7.8

9.4
Centralized event and log data collection
(100) Ratings
Effectiveness of real-time centralized event and log data collection
8.7
Correlation
(99) Ratings
Correlation of logs and events to pinpoint significant threats
8.6
Event and log normalization/management
(100) Ratings
Ability to normalize event syntax so that logs can be compared and are machine-understandable
8.3
Deployment flexibility
(101) Ratings
Ability to tune system to maximize threat detection and minimize false positives
7.8
Integration with Identity and Access Management Tools
(96) Ratings
Integration with access control tools like Active Directory and LDAP
9.3
Custom dashboards and workspaces
(102) Ratings
dashboards that can be customized to meet the needs of specific groups
7.9
Host and network-based intrusion detection
(96) Ratings
Ability to detect both endpoint intrusion and network ingress detection
8.5
Data integration/API management
(98) Ratings
Ease and quality of data integrations between SIEM and other systems
7.7
Behavioral analytics and baselining
(95) Ratings
How effectively activity and behavior baselines are established and maintained
8.5
Rules-based and algorithmic detection thresholds
(96) Ratings
Effectiveness of manually-established rules and algorithmically-determined detection thresholds
7
Response orchestration and automation
(87) Ratings
Quality of built-in response orchestration and automation in Next-Gen SIEM
8.7
Reporting and compliance management
(95) Ratings
Ease and quality of reporting and compliance functions
9.2
Incident indexing/searching
(101) Ratings
Effectiveness of searching across structured and unstructured events and incidents within SIEM

Return to navigation

Product Details

About
Competitors
Tech Details
FAQs

What is Splunk Enterprise Security?

Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale. The solution ingests machine data from any source for full visibility to detect malicious threats in an environment. With it, users can investigate and correlate activities across multicloud and on-premises sources in one unified view to identify and remediate security incidents.

Splunk Enterprise Security supports cloud, on-premises, and hybrid deployment models to meet the needs of the business. When deployed as a cloud-based SIEM, Splunk Enterprise Security helps users to deliver improved time to value, allowing teams to focus on higher value security tasks instead of managing infrastructure hardware and manual upgrades.

Splunk Enterprise Security Video

Threat intelligence capabilities can be found in a variety of products. In this video, the TrustRadius team goes over 4 leading products in the space, including Splunk Enterprise Security (ES).

Splunk Enterprise Security Competitors

Splunk Enterprise Security Technical Details

Operating Systems	Unspecified
Mobile Application	No

Frequently Asked Questions

Splunk Enterprise Security is an analytics-driven SIEM that helps to combat threats with actionable intelligence and advanced analytics at scale.

IBM Security QRadar SIEM, LogRhythm NextGen SIEM Platform, and Securonix Next-Generation SIEM are common alternatives for Splunk Enterprise Security.

Reviewers rate Centralized event and log data collection highest, with a score of 9.4.

The most common users of Splunk Enterprise Security are from Enterprises (1,001+ employees).

Return to navigation

Comparisons

View all alternatives

Compare with

Reviews From Top Reviewers

View all reviews

(1-5 of 103)

Sort By *

Splunk ES Alert Reduction

Rating: 10 out of 10

Incentivized

August 29, 2024

Verified User

Engineer in Engineering

Defense & Space Company, 5001-10,000 employees

Vetted Review

Verified User

3 years of experience

Likelihood to Recommend

It is well suited for our analysts reviewing the alerts that come in each day. The risk based alerting system allows us to tune detections to eliminate noisy notables and ensure our analysts don’t get stuck dealing with alert fatigue. The information generated by ES allows us to create dashboards that easily communicate our accomplishments to higher leadership.

The Power of Splunk Enterprise.

Rating: 9 out of 10

Incentivized

March 25, 2024

Verified User

Engineer in Information Technology

Computer Software Company, 1001-5000 employees

Vetted Review

Verified User

4 years of experience

Likelihood to Recommend

Well suited: Splunk ES is highly recommended in an environment with many data sources and experienced computer engineers. It has a steep learning curve, but once that hurdle is crossed, it is absolutely a beast. It is also very expensive, so a company putting a high amount of budget in Security is needed. Not well suited: Splunk ES is not recommended if a company has only a few sources and some non-technical IT users. The price won't justify the fewer data sources and scratching just the surface level. Moreover, non-technical IT users would be better off with something that has a query builder, unlike Splunk.

Splunk ES Review

Rating: 7 out of 10

Incentivized

September 12, 2023

Sam Babbitt

System/Network Administrator

Babbitt Access Computers (Computer & Network Security, 1-10 employees)

Vetted Review

Verified User

1 year of experience

View profile

Likelihood to Recommend

It is very easy to connect data sources and manipulate data sets of any size

Splunk Enterprise Security: My Review

Rating: 9 out of 10

Incentivized

October 24, 2023

Yash Dabhi

Software Engineer

Maruti Techlabs (Computer Software, 201-500 employees)

Vetted Review

Verified User

2 years of experience

Likelihood to Recommend

Well Suited: What we admire most about Splunk is the significant improvements and capabilities it brings to the software with every major release. It is simply mind-blowing and easy to set up from a backend developer's point of view, as it is compatible with existing popular enterprise frameworks using microservice architecture (Spring Boot). Less Suited: Their enterprise plans are frankly costly. Cost wise, maybe it won't be suitable for small startups.